Browse > Article
http://dx.doi.org/10.13089/JKIISC.2022.32.3.565

An Analysis of Security Vulnerabilities Using 5G NAS COUNT  

Kim, Min-Jae (EstSoft)
Park, Jong-Geun (Electronics and Telecommunications Research Institute)
Shin, Ji-Soo (Electronics and Telecommunications Research Institute)
Moon, Dae-Sung (Electronics and Telecommunications Research Institute)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.32, no.3, 2022 , pp. 565-573 More about this Journal
Abstract
Current mobile communication system is in the mid-process of conversion from 4G LTE to 5G network. According to the generalization of mobile communication services, personal information such as user's identifiers and location information is transmitted through a mobile communication network. The importance of security technology is growing according to the characteristics of wireless mobile communication networks, the use of wireless shared channels is inevitable, and security technology cannot be applied to all network system elements in order to satisfy the bandwidth and speed requirements. In particular, for security threat analysis, researches are being conducted on various attack types and vulnerability analysis through rogue base stations or attacker UE to make user services impossible in the case of 5G networks. In this paper, we established a 5G network testbed using open sources. And we analyzed three security vulnerabilities related to NAS COUNT and confirmed the validity of two vulnerabilities based on the testbed or analyzing the 3GPP standard.
Keywords
5G Network; Vulnerability Analysis; NAS Count;
Citations & Related Records
연도 인용수 순위
  • Reference
1 X. Hu, C. Liu, S. Liu, W. You, Y. Li and Y. Zhao, "A Systematic Analysis Method for 5G Non-Access Stratum Signalling Security," in IEEE Access, vol. 7, pp. 125424-125441, 2019, doi: 10.1109/ACCESS.2019.2937997.   DOI
2 nuXmv. https://nuxmv.fbk.eu/. Accessed May 25, 2022.
3 Syed Rafiul Hussain, Mitziu Echeverria, Imtiaz Karim, Omar Chowdhury, and Elisa Bertino. 2019. 5GReasoner: A Property-Directed Security and Privacy Analysis Framework for 5G Cellular Network Protocol. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS '19). Association for Computing Machinery, New York, NY, USA, pp. 669-684. DOI:https://doi.org/10.1145/3319535.3354263.   DOI
4 S. Meier, B. Schmidt, C. Cremers and D. Basin, "The TAMARIN prover for the symbolic analysis of security protocols", Proc. Int. Conf. Comput. Aided Verification, pp. 696-701, 2013.
5 [n.d.]. Non-Access-Stratum (NAS) protocol for 5G System (5GS); Stage 3, Specification 3GPP TS 24.501 version 16.8.0 Release 16. 3GPP. 3GPP Mobile Competence Centre, c/o ETSI, 650, route des Lucioles, 06921 Sophia Antipolis Cedex, France. 696. 2021.
6 [n.d.]. Security architecture and procedures for 5G system, Specification 3GPP TS 33.501 version 16.8.0 Release 16. 3GPP. 3GPP Mobile Competence Centre, c/o ETSI, 650, route des Lucioles, 06921 Sophia Antipolis Cedex, France. 248. 2021.
7 UERANSIM. https://github.com/aligungr/UERANSIM. Accessed May 25, 2022.
8 [n.d.]. NR; Radio Resource Control(RRC) protocol specification, Specification 3GPP TS 38.331 version 16.4.0 Release 16. 3GPP. 3GPP Mobile Competence Centre, c/o ETSI, 650, route des Lucioles, 06921 Sophia Antipolis Cedex, France. 930. 2021.
9 Open5GS. https://open5gs.org/. Accessed May 25, 2022.
10 Open5GS. https://github.com/open5gs. Accessed May 25, 2022.